ofthe key technologies in the protection system. This thesis researches and implements a detection engine ofⅥ冈rⅣserver protectionsystem base on open—source Intrusion Detection System(IDS)一Snort.First,this paperoutlines the web security issues and status of common WWW server defense technologies.presents the significance of WWw server protection system research.Then.analyzes thestructure and principles of open source system Snort and intrusion detection technologies,describes the wide use of intrusion detection technology in Web server protection andinadequates of Snort system.Then,according to the fact that most of intrusion dection systemsused in web server protection are based on misuse detection technology of which theefficiency of matching algorithm has a critical impact on the the engine’S efficiency,stringmatching algorithms are researched.Improved BM and KR algorithms are introduced,implemented and tested.And then,the design and implementation of the detection engine arepresented,rules analysis,the protocol analysis and the rules matching are described in detail.According to the fact that the intrution datas received by WWW server in a certain time havesome common characteristics,dynamic index adjustment technology is applied here toaccelerate rules matching.Following,against SQL injection attacks have serious threat on theWWW server,SQL attack technology is analysed,and rules are defined accordingly.Finally,the test of the detection engine for WwW serveT protection system is done.and the testingconclusions are giyen.Key words: WWW Server Protection;Intrusion Detection System(IDS); Patten Match;Detection EngineCLASSNO:TP309 学位论文
版权使用授权书 本学位论文作者完全了解北京交通大学有关保留、使用学位论文的规定。
特授权北京交通大学可以将学位论文的全部或部分内容编入有关数据库进行检索,并采用影印、缩印